By equipping customers with a modem that operates over standard telephony lines, Internet service providers (ISPs, including most telephone companies—telcos) are able to offer residential Internet access to a large segment of the general population. Once a customer receives a modem and hooks it up to his or her computer, the customer typically undergoes a setup procedure, whereby the ISP's telephone number is dialed automatically or upon the click of a mouse button. Certain initial data (e.g., username and password) are then requested by the ISP and entered only once by the customer, for the purposes of configuring the modem for all subsequent attempts to remotely access the Internet.
If the modem credentials are correct, i.e., if the modem has been properly configured, then the ISP's authentication servers will allow the customer's computer to access the Internet whenever the customer so wishes, as long as the same modem is utilized to establish the connection to the ISP. If, on the other hand, the ISP's authentication servers determine that the modem credentials are incorrect, then it is still possible for the customer to enter his or her personal account credentials in order to access the Internet, but this needs to be done each time the user attempts to access the Internet, since the modem's credentials will invariably fail.
Unfortunately, ISPs that implement the aforementioned conventional model for accessing the Internet face a number of problems, due in large part to inadequate control of remote access attempts.
For example, it has been observed by ISPs that there will inescapably be a certain percentage of modems in their networks that have been improperly configured, i.e., by entering incorrect credentials during the setup procedure. This leads to repeated failed attempts (and retries) to access the Internet via the ISP's authentication servers, undesirably resulting in a tendency to slow down access to the Internet for a wider customer base.
Another problem arises from the manner in which so-called “management sessions” are initiated, namely through the use of shared “management credentials”. Specifically, upon being triggered to submit the management credentials, the modem establishes a connection with a management server over the Internet. Clearly, a malicious party who intercepts or otherwise learns the universal management credentials will be able to enjoy unfettered, unauthorized and anonymous access to the Internet and potentially to the ISP's authentication servers and other equipment.
Furthermore, due to the lack of integration between its accounting department and its network access control equipment, an ISP often finds itself in the position of allowing customers to access the Internet even during times where the customer has not paid for the service. This clearly impacts revenues in a negative way.
In addition, ISPs are often powerless against the spread of viruses or worms over the Internet that its very own customers have released, whether maliciously or as defenseless victims of a hostile self-replicating program.
As present-day access models do not satisfactorily address the above and other issues, there continues to be a need to provide ISPs with greater control of their customers' attempts to remotely access the Internet.